package pt.mauromad.guias.controller.admin;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

import pt.mauromad.guias.controller.BaseController;
import pt.mauromad.guias.dao.security.RoleDao;
import pt.mauromad.guias.utils.form.Action;

@Controller
@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
@RequestMapping("/admin/role")
public class RoleController extends BaseController {
	@RequestMapping(value = "/all", method = RequestMethod.GET)
	public String list(Model model) {
		model.addAttribute("roles", roleService.all());
		add(model, Action.createPost("new.save"));
		return "list/all-roles";
	}

	@RequestMapping(value = "/all", method = RequestMethod.POST)
	public String list(Model model, @RequestParam String role) {
		RoleDao dao = new RoleDao();

		dao.setRole(role);
		roleService.save(dao);

		return redirect("all");
	}
}
